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DETAILED ACTION 

The instant application having Application No. 10/596,863 is presented for 
examination by the examiner. Examiner acknowledges Applicant election of claims 30- 
32 and 46-49. 

Specification 

The disclosure is objected to because of the following informalities: there is a 
cited reference which has not be included on an IDS statement. On page 5, the Bruce 
Schneier book is incorporated by reference; therefore it needs to be included on an IDS 
statement. 

Appropriate correction is required. 

Claim Objections 

Claims 30-32 and 46-49 are objected to because of the following informalities: 
The references in parenthesis raise the argument of whether they are specifically 
related to the figures' references or simply an example of the word preceding the 
parenthesis. For example in claim 30, it could be argued that the WLAN is the access 
network or WLAN is an example of an access network. The scope of the claims is 
mired by this relationship. It is not possible to determine the scope of the preceding 
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term because one could say it is just a variable name and another could argue that it 
must be that specific type of network for example. The removal of the parenthesis term 
would resolve the confusion or if it is intended to limit the scope to that type of entity, the 
generic word could be replaced by the parenthesis term. 



Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

Claim 31 , 32, and 46-48 are rejected under 35 U.S.C. 112, second paragraph, as 
being indefinite for failing to particularly point out and distinctly claim the subject matter 
which applicant regards as the invention. 

As per claims 31 and 32, it is unclear from the language of the claims what "the 
access level" is referring to. There is no mention of any access level in the parent claim 
to provide antecedent basis for this limitation. As such Examiner is interpreting the 
claim broadly not to impose any limiting scope of this term since its meaning cannot be 
ascertained within the confines of claim. Appropriate correction is required. 

As per claim 46, there seems to be some word which does not fit into the 
meaning of the claim language. In the last limitation, "a means for confirming... towards 
an entity" renders the claim indefinite. It is not understood how one confirms something 
towards something else. 
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As per claim 47 and 48, it not understood how "an entity" is related to two 
possible entities "SAAN, SSO_SM". This raises the question mentioned above in the 
claim objection paragraphs. Is the entity a SAAN, or is it a SSO_SM? Examiner fails to 
resolve how a singular entity could be both, so again it is impossible to ascertain the 
scope of entity as it relates to the plurality of parenthesis terms. 



Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 



Claims 30-32, 46, 48, and 49 are rejected under 35 U.S.C. 102(e) as being 
anticipated by USP Application Publication 2004/0225878 to Costa-Requena et al., 
hereinafter Costa. 

As per claim 30, Costa teaches an apparatus arranged for receiving an access 
request in a telecommunication core network from an entity in an access network where 
a user with a user's equipment accesses through, the user being a subscriber of the 
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telecommunication CN and being identified by a user's identifier included in the access 
request, the apparatus having a means for carrying out an authentication procedure 
with the UE through the access network in order to authenticate the user (0034); and a 
means for computing at least one secret user's key (calculations are inherently 
performed on the Ki secret key employed by the GSM standard; 0029, 0052) usable as 
cryptographic material (0035), the apparatus comprising: 

a means for deriving from the cryptographic material a user's shared key 
(confidential keys; 0035) intended for SSO purposes (0050); and 
a means for sending the user's shared key along with the user's identifier towards a 
session manager serving a service network (0050). 

As per claim 31 , Costa teaches comprising means for being notified that a 
session [session layer] the access level has been established, this notification triggering 
the sending of the user's shared key towards the session manager serving the service 
network (0036 and 0045). 

As per claim 32, Costa teaches means for being notified that a session at the 
access level has been terminated, and means for forwarding this notification towards 
the session manager (0050) serving the service network in order to Inactivate a current 
master session for the user [single log-out]. 

As per claim 46, Costa teaches A user's equipment usable by a user with a 
subscription in a telecommunication network, and arranged to access a 
telecommunication service network through an access network , the user's equipment 
having means for carrying out an authentication procedure to authenticate the user with 



Application/Control Number: 10/596,863 Page 6 

Art Unit: 2431 

a core network (GSM; 0029), where the user holds the subscription, through the access 
network and means for computing at least one secret user's key (calculations are 
inherently performed on the Ki secret key employed by the GSM standard; 0029, 0052) 
usable as cryptographic material, the user's equipment comprising: 

a means for deriving from the cryptographic material a user's shared key 
intended for SSO purposes (0035 and 0050); 

a repository for storing the user's shared key (0035; SIM); and 

a means for confirming the user's shared key stored at the user's equipment 
towards an entity in the service network (0048). 

As per claim 48, Costa teaches a means for confirming includes a means for 
processing the user's shared key to obtain a key code [integrity check] to be transmitted 
to an entity in the service network (0048). 

As per claim 49, Costa teaches means for receiving an SSO cookie [security 
token] from an entity in the service network, the SSO cookie to be included in all further 
service requests from the user's equipment as an SSO token (0034). 
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Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as 
set forth in section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been obvious 
at the time the invention was made to a person having ordinary skill in the art to which said 
subject matter pertains. Patentability shall not be negatived by the manner in which the invention 
was made. 

Claim 47 is rejected under 35 U.S.C. 103(a) as being unpatentable over Costa in 
view of publication "Using GSM/UMTS for Single Sign-On" by Pashalidis and Mitchell 
hereinafter Mitchell. 

As per claim 47, Costa is silent in disclosing means for confirming includes a 
means for downloading an SSO plug-in from an entity in the service network, the SSO 
plug-in running for confirming back the user's shared key. Mitchell's system of a single 
sign-on mechanism through a SIM based phone teaches that the protocol can be 
implement in a continuously running process (AKA 'service' or 'daemon') to minimized 
the user's interaction (see page 141 , last paragraph before section 4). The service 
running in the background would keep the user authenticated if the system requires 
him/her to ever re-authenticate. It would also allow the system to know that the user 
was still active in the network therefore not time-out the user. It would be beneficial to 
Costa system to implement this feature because it would lessen the burden and 
interaction required by the user to stay authenticated in the network. Therefore it would 
have been obvious to one of ordinary skill in the art at the time of the invention to 
combine this feature of Mitchell within the system of Costa to minimize the burden of the 
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user to stay connected in the network. 
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Conclusion 

The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure is listed on the enclosed PTO-892 form. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to MICHAEL R. VAUGHAN whose telephone number is 
(571)270-7316. The examiner can normally be reached on Monday - Thursday, 7:30am 
- 5:00pm, EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 571-272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
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Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/M. R. V./ 

Examiner, Art Unit 2431 
/Syed Zia/ 

Primary Examiner, Art Unit 2431 



